Skip to main content

Virtually all banking web apps are vulnerable to hackers, study finds

Using a computer today feels a bit like walking through a minefield, at least when we are using them to access or share personal and sensitive information. That is particularly true for our financial information, where the wrong person getting access to our data could mean a whole lot of pain. According to a recent study, using our bank’s web application is one of the biggest mines that we probably don’t know about.

The news comes via security firm Positive Technologies, which looked at web application security in a recent report. The results are disturbing, to say the least, with every web application tested in 2017 having at least one vulnerability, and with 94 percent having at least one vulnerability that was characterized as “high-severity.”

Recommended Videos

According to Leigh-Anne Galloway, Positive Technologies’ cybersecurity resilience lead, “Web applications practically have a target painted on their back. A large number of unfixed, exploitable vulnerabilities is a windfall for hackers, who can use these flaws to steal sensitive information or access an internal network. Fortunately, most vulnerabilities can be discovered long before an attack ever happens. The key is to analyze application source code.”

The results were even worse when looking strictly at banking and finance web applications, which made up 46 percent of the test group. Every one of the banking and finance web applications covered in the report suffered from high-severity vulnerabilities. As the organization points out, these applications are also the most attractive to hackers and so their vulnerabilities are of particular concern.

Furthermore, the data shows that 87 percent of banking and government web applications are open to attacks against users, with cross-site scripting vulnerabilities present in 82 percent of the tested web applications. That makes them good targets for phishing attacks that can infect user PCs with malware.

Clearly, the banking industry has work to do to clean up its web applications. As always, the presence of these kinds of vulnerabilities serve as a reminder that we all need to be constantly vigilant in monitoring our financial data, because we never know which online transaction will be the one that opens us up to an attack.

Mark Coppock
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
This TP-Link Wi-Fi 6 router is 45% off in early Prime Day deal
The TP-Link AX1800 Archer AX21 Wi-FI 6 Router on a white background.

If you're planning to buy a new router to improve your home's Wi-Fi network, the good news is that you don't have to wait for Prime Day 2025 to take advantage of huge discounts on router deals from Amazon. Here's an excellent offer — the TP-Link Archer AX21 with an eye-catching 45% discount, which drops its price from $100 to just $55. The $45 in savings will only be available for a limited time though, so you better act fast and proceed with your purchase immediately as this early Prime Day deal may disappear at any moment.

Buy Now

Read more
Watch these AI humanoid robots play soccer like Mbappé … sort of
Humanoid robots playing soccer.

Watching these humanoid robots battle it out on the soccer field, you quickly realize that Kylian Mbappé and his fellow professionals really have little to worry about. At least, for now.

The footage (top) was captured last week in Beijing at the RoBoLeague World Robot Soccer League, China's first-ever three-on-three humanoid robot soccer league.

Read more
The robot takeover comes another step closer — at Amazon
An Amazon robot working inside one of the company's warehouses.

Amazon is close to having more robots operating inside its warehouses than humans after the e-commerce giant announced this week that it now has more than a million robots working at its facilities around the world.

Over the years, Amazon has spent billions of dollars on the development and deployment of warehouse-based robots, which handle an array of tasks once performed by human workers.

Read more